There was the Uber executive who suggested spending $1 million to dig up dirt on a journalist critical of the company.

Or the Uber job applicant who claimed he was given admin-style privilege to access Uber’s real-time passenger data feed, even after his interview ended.

Apparently, Uber staff had the same sort of unfettered access, with potential disciplinary action the only safeguard against misuse.

Which leads to the next tale – an incident where an executive at the company confessed to sneaking a peek at a journalist’s supposedly private trip information, tracking her movements on two separate occasions.

And how about those Uber data crunchers publishing a since-deleted blog post about mining data to spot customers who’ve just had lovers’ trysts, which, even if anonymized, is really creepy.

We should give Uber some credit – it has recently stepped up its safety and security efforts.

In November 2014, the company hired an outside auditor to check up on its data security practices, and this past March, in response to several lawsuits against it, Uber said it was working on improving customer safety and beefing up background checks on drivers.

Uber has learned, slowly, that it has security problems that need addressing – although you have to wonder why Uber didn’t have a CSO before now.